[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] disable ICQ
The
best one I've heard yet is a bit of a hack, but it's effective. Each IM
service (AIM, ICQ, etc.) will typically attach to a central host to identify the
client ID and receive updates for their buddy list. Instead of blocking a
moving target (the dest port in this case), put an entry in the host file
of your site's DNS server for the messaging server in question. The entry
should look like this:
127.0.0.1 login.oscar.aol.com (or
whatever the messaging server's name is)
This
way, when the messaging client goes to attach to the central server, it instead
gets routed right back to itself. It's maddening for your users and
effective for you. You just need to document and remember that you have
mucked up your host file, in case you need to make changes at a later
date.
new
ICQ comes with dynamic config. You can try every port & IP possibility of
program and close that destinations. This is the first idea for solution.. But
you may have many of rules just for disabling ICQ. I suggest give permission
for icq and dont care anything. Just control other security points for
disabling ICQ, for ex block installation of ICQ. yo can
control this point from any of PC management SW like SMS, Tivoli, Spectrum
etc.
______________________________________
Serhat ERKAN Professional
Services -----Original Message-----
From: Hans Schimek [mailto:[email protected]] Sent: Thursday, June 28, 2001 9:43 PM To: Fw-1-Mailinglist Subject: [FW1] disable ICQ
*** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail, delete this e-mail, and refrain from any disclosure or action based on the information. ****
|